| Warning |
|---|
This document is currently in the process of being replaced by Common Services REST API documentation. |
This document provides suggested templates for REST-based APIs, for potential adoption by many of the services in CollectionSpace's services layer. This implements part of the work described in the "REST Service Contracts" section of Web Services - Paradigms and Contracts /wiki/spaces/collectionspace/pages/666274329.
Some generic message payloads and envelopes that are to be used with the proposed APIs below, such as the message payloads to be returned in a response when an error occurs, are detailed in Common System Specific Elements.
...
...
This document is in process, and is currently incomplete. It has not yet been reviewed or accepted by the CollectionSpace Services Team.
REST-based APIs, and their associated client-visible resource models, are suggested below for the three major types of CollectionSpace services: entity services, relation (association) services, and task services:
...
Purpose
Retrieves a human-readable description of the service. This also verifies that the service exists, without interacting with the resources that it provides.
Request
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/description
|
...
- text/plain (for plain text)
- applicationmultipart/xml mixed (for generic XML content)
See Questions or Issues, below.
...
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
As RESTful Service - Ajax Patterns notes, "Error responses should ... be in human-friendly language and with examples and hyperlinks."
...
- Sent by a client in the body of a request, to perform a Create operation.
- Sent by a client in the body of a request, to perform an Update operation.
- Returned by the service in a response, when a specific object (entity) is requested.
- Returned by the service in a response, when a list of objects (entities) is requested, in a format that returns full object records, (rather than just hyperlinks, or just hyperlinks accompanied by abbreviated object records).
Request
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/schema
|
There will be only one schema returned per resource. If there may be typed resources, or child resources, available anywhere within the URL path, schemas for these resources can be retrieved via variations on this generic pattern, as in this example:
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/{typed_or_child_resources_as_a_plural_noun}/schema
|
...
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Questions or Issues
...
Purpose
Creates a new resource of the specified type.
Request
| Code Block |
|---|
POST /{resources_as_a_plural_noun}
|
...
If there may be typed resources, or child resources, available anywhere within the URL path, new resources of that type can be created via variations on this generic pattern, as in this example:
| Code Block |
|---|
POST /{resources_as_a_plural_noun}/{typed_or_child_resources_as_a_plural_noun}
|
...
Response: Status Codes
Code | Meaning | Returned When | ||||
|---|---|---|---|---|---|---|
201 400 | Created | A new instance of the resource was created successfully within /{resources_as_a_plural_noun}. | 400 | Bad Request | The resource could not Bad Request | The resource could not be created because the data sent in the entity body of the request was bad, as determined by the service. |
401 | Unauthorized | The resource could not be created because the client submitting the request either has not provided authentication credentials, or authentication failed (e.g. due to an invalid username or password) after such credentials were provided. | ||||
403 | Forbidden | The resource could not be created because the client submitting the request was not authorized to create new resources in this container. | ||||
409 | Conflict | The resource could not be created because the submitted data would create a duplicate (non-unique) resource, as determined by the service. | ||||
500 | Internal Server Error | A service error prevented the resource from being created. |
Response: Content-Type
application/xml
Response: Location
Returns the URL for the newly-created object.
Response: Entity Body (on Success)
Returns a representation of the newly-created resource, as an XML document conforming to the schema used by the service.
Returns an empty entity body.
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Questions or Issues
...
Purpose
Reads (aka retrieves or returns) a representation of a specific instance of this resource.
Request
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/{resource_identifier}
|
...
If there may be typed resources, or child resources, available anywhere within the URL path, these resources can be retrieved via variations on this generic pattern, as in this example:
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/{typed_or_child_resources_as_a_plural_noun}/{resource_identifier}
|
...
Code | Meaning | Returned When |
|---|---|---|
200 | OK | A representation of the resource was read (i.e. returned) successfully. |
401 | Unauthorized | The resource could not be read because the client submitting the request either has not provided authentication credentials, or authentication failed (e.g. due to an invalid username or password) after such credentials were provided. |
403 | Forbidden | The resource could not be returned read because the client submitting the request was not authorized to read it. |
404 | Not Found | The resource at /{resources_as_a_plural_noun}/{resource_identifier} does not exist. |
500 | Internal Server Error | A service error prevented the resource from being read. |
Response: Content-Type
application multipart/xmlmixed
Response: Entity Body (on Success)
Returns a representation of the requested resource, as an XML document conforming to the schema used by the service.one or more documents conforming to the schema used by the service.
Consists of one or more MIME message parts, each separated by a message-specific boundary line, and each part containing a separate document. Each of these parts of the message is currently of Content-Type: application/xml.
The MIME message part whose label ends in _common contains a document conforming to the "common" schema for a particular entity; that is, the schema that will be present for all tenants in a specific deployment. The "common" schema is also supported by search and other functionality which does not apply to extension schema. If there are other MIME message parts present, ending in a name other than _common, these parts will typically represent one or more extension schema, specific to the current tenant.
An example, showing two MIME message parts, each containing XML documents representing part of a CollectionObject: one containing the fields in an extension schema (collectionobject_naturalhistory), and the second containing the fields in the common schema (collectionobjects_common).
| Code Block |
|---|
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA
date=200807181439)/JBossWeb-2.0
Content-Type: multipart/mixed;
boundary=ab8d331a-9720-45c9-a629-2c71050f1720
Content-Length: 1643
Date: Wed, 02 Dec 2009 23:18:13 GMT
--ab8d331a-9720-45c9-a629-2c71050f1720
label: collectionobjects_naturalhistory
Content-Type: application/xml
<?xml version="1.0" encoding="UTF-8"?>
<ns2:collectionobjects_naturalhistory
xmlns:ns2="http://collectionspace.org/services/collectionobject/domain/naturalhistory"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://collectionspace.org/services/collectionobject/domain/naturalhistory
http://collectionspace.org/services/collectionobject/domain/collectionobjects_naturalhistory.xsd">
<nh-string>test-string</nh-string>
<nh-int>999</nh-int>
<nh-long>9999</nh-long>
</ns2:collectionobjects_naturalhistory>
--ab8d331a-9720-45c9-a629-2c71050f1720
label: collectionobjects_common
Content-Type: application/xml
<?xml version="1.0" encoding="UTF-8"?>
<ns2:collectionobjects_common
xmlns:ns2="http://collectionspace.org/services/collectionobject"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://collectionspace.org/services/collectionobject
http://services.collectionspace.org/collectionobject/collectionobjects_common.xsd">
<otherNumbers>
<otherNumber>urn:org.collectionspace.id:24082390</otherNumber>
<otherNumber>urn:org.walkerart.id:123</otherNumber>
</otherNumbers>
<objectNumber>updated-objectNumber-1259718776712</objectNumber>
<briefDescription>Papier mache bird mask with horns, painted red with black
and yellow spots. Puerto Rico. ca. 8&quot; high, 6&quot; wide,
projects 10&quot; (with horns).</briefDescription>
<objectName>updated-objectName-1259718776712</objectName>
</ns2:collectionobjects_common>
--ab8d331a-9720-45c9-a629-2c71050f1720--
|
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Read (Multiple)
...
The default behavior is to return hyperlinks, each accompanied by the minimum information required to identify, in a human-readable format, their linked-to resources.
Request
| Code Block |
|---|
GET /{resources_as_a_plural_noun}
|
| Code Block |
|---|
GET /{resources_as_a_plural_noun}?{optional_query_parameters ...}
|
If there may be typed resources, or child resources, available anywhere within the URL path, these resources can be retrieved via variations on this generic pattern, as in these examples:
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/{resource_identifier}/{typed_or_child_resources_as_a_plural_noun} |
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/{resource_identifier}/ {typed_or_child_resources_as_a_plural_noun}?{optional_query_parameters ...} |
A highly recommended child resource, for read (multiple) operations, will return a count of the numbers of records to be returned, as in this example:
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/count
|
| Code Block |
|---|
GET /{resources_as_a_plural_noun}/count?{optional_query_parameters ...}
|
...
Some possible examples of query parameters to modify read (multiple) requests. These in part come from Common System Specific Elements:
?orderby={information_unit}
Requests that hyperlinks or full records be returned in the natural sort order of a particular information unit (field or data element). Defaults to ascending order if the sortorder query parameter isn't present.
...
Code | Meaning | Returned When |
|---|---|---|
200 | OK | A list of the resources was returned successfully. |
400 | Bad Request | There was an error in the query parameters submitted with the request. |
403 | Forbidden | A list of resources could not be returned because the client submitting the request was not authorized to read that list. |
404 | Not Found | The resource at /{resources_as_a_plural_noun} does not exist. |
500 | Internal Server Error | A service error prevented the list of resources from being read. |
...
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Questions or Issues
...
Purpose
Completely updates in place (i.e. replaces) an existing resource of the specified type.
Request
| Code Block |
|---|
PUT /{resources_as_a_plural_noun}/{resource_identifier}
|
...
If there may be typed resources, or child resources, available anywhere within the URL path, resources of that type can be updated via variations on this generic pattern, as in this example:
| Code Block |
|---|
PUT /{resources_as_a_plural_noun}/{typed_or_child_resources_as_a_plural_noun}/{resource_identifier}
|
...
Code | Meaning | Returned When |
|---|---|---|
200 | OK | A new instance of the resource was updated successfully at /{resources_as_a_plural_noun}/{resource_identifier}. |
400 | Bad Request | The resource could not be updated because the data sent in the entity body of the request was bad, as determined by the serviceservice. |
401 | Unauthorized | The resource could not be updated because the client submitting the request either has not provided authentication credentials, or authentication failed (e.g. due to an invalid username or password) after such credentials were provided. |
403 | Forbidden | The resource could not be updated because the client submitting the request was not authorized to update resources in this container. |
404 | Not Found | The resource at /{resources_as_a_plural_noun}/{resource_identifier} does not exist. |
500 | Internal Server Error | A service error prevented the resource from being updated. |
...
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Questions or Issues
...
Purpose
Deletes a specific instance of this resource.
Request
| Code Block |
|---|
DELETE /{resources_as_a_plural_noun}/{resource_identifier}
|
...
If there may be typed resources, or child resources, available anywhere within the URL path, resources of that type can be deleted via variations on this generic pattern, as in this example:
| Code Block |
|---|
DELETE /{resources_as_a_plural_noun}/{typed_or_child_resources_as_a_plural_noun}/{resource_identifier}
|
...
Code | Meaning | Returned When |
|---|---|---|
200 | OK | The resource was successfully deleted. |
401 | Unauthorized | The resource could not be deleted because the client submitting the request either has not provided authentication credentials, or authentication failed (e.g. due to an invalid username or password) after such credentials were provided. |
403 | Forbidden | The resource could not be deleted because the client submitting the request was not authorized to delete it. |
404 | Not Found | The resource at /{resources_as_a_plural_noun}/{resource_identifier} does not exist. |
500 | Internal Server Error | A service error prevented the resource from being updateddeleted. |
Response: Content-Type
application/xml
...
Response: Entity Body (on Error)
Returns an XML document containing a description of the error. See Common System Specific Elements for details.
Search
| Note |
|---|
This section is an in-process placeholder. The notes below are very rough at present. |
...
... there is rough consensus among search engines on what a query should look like: quotes mark "phrase searches", you use "+" to say a word must +occur and "-" to -exclude words. You URI-restrict searches like so: tbray.org:kirkby. Down the road, you might want to support something like XPath or even XQuery, but that would work fine through a Web interface too.
So a search engine would publicize a URI that you could use HTTP GET on to run searches; arguments would be q for the query, mr for maximum results, and ie for input-encoding. So a complete search request might look like:
| Code Block |
|---|
q=%2busername:miso%20%2bhostname:miso.demo.sun.com%20%2bsubject:test
|
...
In the case of error responses, the status code MUST be supplemented by a standardized payload in the entity body of the response, containing a more detailed and complete description of the error. This payload MUST be both human and machine-readable. See Common System Specific Elements for details.
As RESTful Service - Ajax Patterns notes, "Error responses should ... be in human-friendly language." That document goes on to suggest that such responses include "examples and hyperlinks," if possible. However, while that is desirable, it is not required.
...
Leonard Richardson and Sam Ruby, RESTful Web Services (via Safari Online if you have access)
Michael Mahemoff, et al., RESTful Service - Ajax Patterns
...
Aaron Johnson, Clearspace and Meaningful URLs
RedRata blog on REST-ful URI Design talks about different patterns, plurals and not plurals, sub-resources, etc.